package com.gzy.mylog.controller;

import com.gzy.mylog.controller.paramer.LoginPara;
import com.gzy.mylog.core.R;
import com.gzy.mylog.model.User;
import com.gzy.mylog.server.AuthServer;
import io.jsonwebtoken.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;

import javax.validation.Valid;

@CrossOrigin
@RestController
public class AuthController {

    @Autowired
    AuthServer authServer;

    // 参数类型 使用 json 格式
    @PostMapping("/login")
    R<String> login(@Valid @RequestBody LoginPara para){
        return new R<String>(){{
                setCode(Code.OK);
                setData(authServer.login(para.getUsername(),para.getPassword()));
                setMessage("登录成功");
            }};
    }

    @PostMapping("/signup")
    R signup(@Valid @RequestBody LoginPara para){
        authServer.signup(para.getUsername(),para.getPassword());
        return new R<String>(){{
            setCode(Code.OK);
//            setData(authServer.login(para.getUsername(),para.getPassword()));
            setMessage("注册成功");
        }};
    }
   @PostMapping("/auth/logout")
    R signup(){
        return new R<String>(){{
            setCode(Code.OK);
//            setData(authServer.login(para.getUsername(),para.getPassword()));
            setMessage("注销成功");
        }};
    }

    @GetMapping("/userinfo") // principal
    R<User> userinfo(@AuthenticationPrincipal UserDetails userDetails){

        return new R<User>(){{
            setData(authServer.getUserByUsername(userDetails.getUsername()));
        }};
    }
    @Secured("ROLE_ADMIN")
    @GetMapping("/userinfo_admin") // principal
    R<User> userinfo_admin(@AuthenticationPrincipal UserDetails userDetails){

        return new R<User>(){{
            setData(authServer.getUserByUsername(userDetails.getUsername()));
        }};
    }
    @Secured("ROLE_USER")
    @GetMapping("/userinfo_user") // principal
    R<User> userinfo_user(@AuthenticationPrincipal UserDetails userDetails){

        return new R<User>(){{
            setData(authServer.getUserByUsername(userDetails.getUsername()));
        }};
    }
    void a(){
        // 签发
        String uid = "1"; // 张三
        String uid2 = "888"; // 撕葱

        JwtBuilder builder = Jwts.builder() //这里其实就是new一个JwtBuilder，设置jwt的body
                .setSubject(uid)          //iat: jwt的签发时间
                .signWith(SignatureAlgorithm.HS256,"123456".getBytes());//设置签名使用的签名算法和签名使用的秘钥

        String jwt = builder.compact();

        System.out.println(jwt);

//
        // JTdCJTIyc3ViJTIyJTNBJTIyODg4JTIyJTdE
        jwt = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI4ODgifQ==.XdWHPTOeuaVEK6RcB-HPZB_dvqlVbfus4DtzNjF3S3A";

        // 验证
        Jws<Claims> claimsJws = Jwts.parser()  //得到DefaultJwtParser
                .setSigningKey("123456".getBytes())         //设置签名的秘钥
                .parseClaimsJws(jwt);
        String subject = claimsJws.getBody().getSubject();

        if (subject.equals(uid)){
            System.out.println("成功");
        }else{
            System.out.println("不是一个用户");
        }
    }
}
